[OpenAFS] Re: tcp or udp?

Ken Hornstein kenh@cmf.nrl.navy.mil
Wed, 01 Feb 2006 12:07:54 -0500


>My personal experience is that most places blocking UDP are also
>blocking TCP and forcing users to use an HTTP proxy for all internet
>access.  I'm actually interested in knowing about the prevalence of
>anything that falls in-between (NATted TCP but no UDP).  I know it's
>possible, of course; are there any network devices that do this by
>default, or is it usually the case that networks configured this way
>are setup this way deliberately?

I've dealt with a LOT of firewall administrators in my day.  I can't
even begin to tell you the number of times I've heard them say, "We
don't want to let UDP through, because it's more insecure".  These
people are clearly idiots, but that doesn't change the fact that they
exist.

--Ken